Reverse Engineering Software

Reverse Engineering Software

Reverse Engineering Software for Interoperability – LAW UPDATE July 2010

This is a hot issue, so whether you have a software EULA or SAAS contract protecting your software, you may want to learn more about reverse engineering and its legality (i.e. looking under the hood). In essence, most software and SAAS contracts specifically state that the user is prohibited from reverse engineering the software; by the way, this is something that should be addressed in the contract as copyright law does not provide this type of protection. There have historically been no real exceptions to the contractual prohibition on reverse engineering, but in the past decade or so there has been some changes or erosion to this protection (depending on your perspective).

1) Law Update July 2010 (iPhone Reverse Engineering for Interoperability): Actually the Library of Congress added some new exemptions (on July 26, 2010) to the Digital Millennium Copyright Act, which originally provided that it was illegal to circumvent technological measures that effectively controlled access to a work (even if you were reverse engineering to make your product work with theirs).

The exemptions are (I am paraphrasing here) (a) getting around access controls to enable an owner of a smart-phone to access software apps on the smart-phone that were independently created (i.e. apps not in the Apple app store), and (b) getting around access controls to enable an owner of a smart-phone to access another network (i.e. using an iPhone with another carrier). [US Copyright Office Information on this issue] We will see if Apply tries to use contract law or more advanced technological means to prevent this type of reverse engineering.

2) Reverse Engineering General Case Law (US): Without going into a lot of detail (and there is a lot of detail), there are situations when reverse engineering may be allowed under copyright law (usually based on the concept of ‘fair use’), and these cases provide some guidance (here is the perspective of the Electronic Freedom Foundation of some of these cases). [the EFF’s view]

3) European Perspective: In Europe, there has been a law on the books for a while that general provides for reverse engineering for interoperability. [European perspective]

I suggest that all software based businesses, whether your provide on-premises software or SAAS, should learn a little bit about this issue, as your partners, competitors and customers may know more about this than you and may be legally reverse engineering your software. By the way, this issue can get very complex when it comes to dealing with contractual restrictions vs. what is allowed under copyright law (i.e. which wins), but I will have to leave that discussion for another day and another blog post.